Amazon GuardDuty
The IBM® QRadar® DSM for Amazon GuardDuty collects Amazon GuardDuty events from the log group of the Amazon CloudWatch logs services.
The following table identifies the specifications for the Amazon GuardDuty DSM:
| Specification | Value |
|---|---|
| Manufacturer | Amazon |
| DSM name | Amazon GuardDuty |
| RPM file name | DSM-AmazonGuardDuty-QRadar_version-buildbuild_number.noarch.rpm |
| Supported versions | GuardDuty Schema Version 2.0 |
| Protocol | Amazon Web Services Amazon AWS REST API |
| Event format | JSON |
| Recorded event types | Amazon GuardDuty Findings |
| Automatically discovered? | No |
| Includes identity? | No |
| Includes custom properties? | No |
| More information | For more information, see the Amazon GuardDuty Documentation (https://aws.amazon.com/documentation/guardduty). |